Ransomware is a particularly notorious type of malware, used by hackers to encrypt your own files and demand a payment of Bitcoins in exchange for the key needed to decrypt them. Well there’s a new piece of ransomware that has been discovered by researchers from the security firm Bromium, and they say it’s targeting popular video games. The ransomware is being distributed by a Flash banner on a compromised WordPress blog.
This particular ransomware targets user-created files associated with video games, such as save files, profiles, and mods, which cannot be replaced by reinstalling the game. The list of games targeted by the ransomware includes Call of Duty, StarCraft, Diablo, Fallout, The Elder Scrolls, Minecraft, Half-Life 2, Assassin’s Creed, Bioshock, Metro 2033, World of Warcraft, League of Legends and World of Tanks. It’s also targeting popular video game engines used by developers such as RPG Maker, Unreal Engine and Unity3D. Even files associated with Steam, the popular digital distribution platform, are being targeted by this ransomware.
The ransomware itself purports to be a variant of the infamous Cryptolocker, which earned its creators millions of dollars in exchange for keys to encrypted files, until it was shut down by law enforcement in May 2014. However, the researchers analyzing the ransomeware’s binaries found it to be only 8% similar to Cryptolocker. They believe the creators of the ransomware are simply reusing the name, but the program is not actually related to Cryptolocker.
The ransomware claims that it is using strong encryption with 2048-bit RSA keys, but the researchers at Bromium are still analyzing it to determine if this is actually the case. The researchers are trying to figure out if it is possible to decrypt the files without paying the ransom, but if it is using strong encryption there may be no way to decrypt the files without getting the key from the hackers. This malware is sure to cause an annoyance for the gamers who have their files encrypted by it, and some may even feel it is worth paying a ransom if there is no other way to get access to those files again.
Do you think this ransomware will earn its creators millions of dollars, like cryptolocker? Leave your comment below.